Privacy Policy 

We invite you to read our privacy policy. Here you will find information about the processing of your personal data, who is the administrator and what your rights are related to the use of data.

General information

The service provider and controller of your personal data is the International Conference Centre "Krzyżowa" sp. z o. o. (hereinafter referred to as "MCK" or "controller"), with its registered office in Krzyżowa No. 7, 58-112 Grodziszcze, entered into the National Court Register under KRS number 0000289406, REGON: 020590003, NIP: 8842640247, with the share capital of PLN 50,000, fully paid up.

The Provider is the controller of personal data in relation to data provided voluntarily by users when visiting the website, using the services or participating in various types of marketing campaigns that may be conducted by the Provider, e.g. newsletter, contact form.

Contact to the data administrator

You can contact us regarding our service in the following ways:

• e-mail: sekretariat@krzyzowa.org.pl,
• in person or by mail: Krzyżowa 7, 58-112 Grodziszcze
• via the contact form located on the website in the tab contact.

Data Protection Officer

If you have any questions regarding the method and scope of processing of your personal data or would like to exercise your rights under the provisions on personal data protection, please contact us at the following e-mail address: rodo@krzyzowa.pl or in writing to our address.

Your rights

You have the right to request:

• access to your personal data, including obtaining a copy of your data (Article 15 of the GDPR or – if applicable – Article 13(1)(f) of the GDPR),
• their rectification (Article 16 of the GDPR),
• deletion (Article 17 of the GDPR),
• restrictions on processing (Article 18 of the GDPR),
• request the transfer of data to another controller (Article 20 of the GDPR),
• object at any time to the processing of your data:
  • for reasons related to your particular situation – in relation to the processing of your personal data based on Article 6(1)(f) of the GDPR (i.e. on our legitimate interests) – Article 21(1) of the GDPR;
  • if personal data are processed for the purposes of direct marketing, including profiling, to the extent that the processing is related to such direct marketing – Article 21 paragraph 2 of the GDPR.
• lodge a complaint with the President of the Personal Data Protection Office if you believe that your data is being processed unlawfully. Address information: Office of the Personal Data Protection Office, ul. Stawki 2, 00-193 Warsaw. Phone no. 22 531 03 00, fax. 22 531 03 01, e-mail address: kancelaria@uodo.gov.pl. PUODO website: www.uodo.gov.pl.

If you wish to exercise your rights, please contact us. 

Your personal information and privacy

Establishing contact and submitting a report

For what purposes do we process data: handling your inquiries or reports

On what basis do we process data: contract actions taken at your request, aimed at its conclusion (Article 6, paragraph 1, letter b of the GDPR) – if your inquiry or notification concerns a contract to which we are or may be a party (e.g. it concerns the newsletter or use of the contact form). In addition, the basis is our legitimate interest in processing your data for the purpose of communicating with you (Article 6, paragraph 1, letter f of the GDPR – if your inquiry or notification is not related to the contract or until we take into account your objection to the processing of your personal data.

How long will the data be processed: for the duration of the contract binding us or – if no contract is concluded – 2 years from the date you send your query or notification.

What will happen if I do not provide data: we will not be able to answer your question or process your request.

Our website does not use cookies.

Data security

When processing your personal data, we use organizational and technical measures in accordance with applicable law, including connection encryption using an SSL/TLS certificate. 

In addition, we use organizational solutions to ensure the highest possible level of protection and confidentiality (training, internal regulations, conduct policies, password policies, etc.) and have appointed a Data Protection Officer.

Data recipients and service providers

We use the services of external entities that support us in running our business. We entrust them with processing your data - these entities process data only on our documented instructions.

Below is the list of data recipients:

Using the newsletter: 

• entity providing the mail sending system
• email box provider 

Establishing contact and submitting a report:

• entity providing the mail sending system
• email box provider 

Use of the website:

• Hosting Provider

Using the userway plugin (a plugin that improves the accessibility of a website, in accordance with WCAG 2.2 requirements)

• Userway plug-in provider (UserWay Inc. 1000 N. West Street, Suite 1410 Wilmington, DE, 19801, USA
• personal data is transferred to countries outside the EU. 

Transfer of personal data to countries outside the European Union

Your personal data may also be processed by entities outside the European Union. The appropriate level of protection of your data, including through the use of appropriate safeguards, is ensured by the participation of these entities in the so-called Data Privacy Framework, a program established by the implementing decision of the European Commission as a set of principles guaranteeing adequate protection of your privacy - in the case of entities from the United States of America.

Privacy Policy Changes

We reserve the right to make changes to the privacy policy if required by law or changes introduced on the websites, as well as to improve the operation of the website.

The date set out below is the effective date of the latest version of the privacy policy.

Date last modified: 25/04/2025.